Storage of Access Data of Users Who Do Not Register (so-called User Data)
When a user accesses our website and retrieves a file, access data on this process are stored in a log file on our server. Every data set contains:
- The website from which the file was accessed,
- the name of the file, the date and time of access,
- the data volume transmitted,
- the access status (file transmitted, file not found, etc.),
- a description of the web browser used, and
- the client’s IP address.
The data stored are evaluated for statistical purposes exclusively. The data will not be transmitted to third parties for either commercial or non-commercial purposes.
Storage of Registration Data (so-called Inventory Data)
To register you for the desired event, we need the following information:
- Address (postal code, city, country)
- Email address
- Meal preferences for the event
- Participation of accompanying persons
- Detailed information on participation in the event booked (e.g. selection of certain program topics)
These data are collected and used exclusively for the purpose of registration, for the organization of the event, the administration of your user account, for invoicing, and for us to contact you, if necessary and permissible. For invoicing, your name, the event, and the participation fee are transmitted to SIX Payment (SIX Payment Services (Germany) GmbH, Langenhorner Chaussee 92-94, 22415 Hamburg, Germany). Your data are not transmitted to any other third parties. Your data will be stored as long as it is required for the execution of the event. Upon the expiry of the storage period outlined in tax and trade laws, your data will be deleted, unless you have expressly agreed to further data use. Transmission to recipients in third countries does not take place.
Links to Other Websites
Our websites contain links to other websites. We have no influence whatsoever on whether the operators of those websites comply with data protection regulations. As a provider, we are responsible for our own contents according to general legislation. Links to contents offered by other providers are beyond our control. We do not assume any responsibility for foreign contents that can be accessed via links and are specially marked, nor do we identify with their contents.
You have the right to request cost-free information about your personal data stored by us. In addition, you have the right to rectification, blocking, and erasure of these personal data according to the valid regulations. Please address your request to event∂kit.edu.
If you have any further questions regarding the use of your personal data, please contact our Data Protection Commissioner: datenschutzbeauftragter∂kit.edu.
Data transmission takes place with the help of the “Secure Sockets Layer“ technology (SSL). This means that data are encrypted before they are transmitted to prevent them from being read by unauthorized persons.
PCI DSS certifikat
PCI DSS stands for Payment Card Industry Data Security Standard and was developed by the PCI Security Standards Council to reduce credit card fraud on the Internet. All devices that process cardholder data must comply with PCI DSS. Compliance validation is carried out by a qualified security assessor (QSA), an internal security assessor (ISA) or a self-assessment questionnaire (SAQ).
The KIT PCI DSS Certificate (SAQ) is valid until April 2020.